WebSphere MQ queue managers transfer information that is potentially
valuable, so you need to use an authority system to ensure that unauthorized
users cannot access your queue managers. Consider the following types
of security controls:
- Who can administer WebSphere MQ
- You can define the set of users who can issue commands to administer
WebSphere MQ.
- Who can use WebSphere MQ objects
- You can define which users (usually applications) can use MQI calls and
PCF commands to do the following:
- Who can connect to a queue manager.
- Who can access objects like queues, namelists, and processes, and
what type of access they have to those objects.
- Who can access WebSphere MQ messages.
- Who can access the context information associated with a message.
- Channel security
- You need to ensure that channels used to send messages to remote systems
can access the required resources. You also need to ensure that
channels can only be manipulated by authorized users.
You can use standard operating facilities to grant access to program
libraries, MQI link libraries, and commands. However, the directory
containing queues and other queue manager data is private to WebSphere
MQ; do not use standard operating system commands to grant or revoke
authorizations to MQI resources.
© IBM Corporation 1994, 2002. All Rights Reserved